由买买提看人间百态

boards

本页内容为未名空间相应帖子的节选和存档,一周内的贴子最多显示50字,超过一周显示500字 访问原贴
Programming版 - 请推荐perl web framework
相关主题
面试碰到J2EE系统安全性的问题应该怎么回答?c写CGI
perl non web frameworkjava annotation怎么debug?
[转载] 在CGI程序中有何好方法返回HTMLVertx dependency injection 问题
关于c++调用DOS 命令的问题,谢谢借东风问一下:用JS可以cross domain接受SSL certificate吗?
请 教 : 关 于 writing to a file 用 Perl for CGIcross origin resource sharing
再 次 请 教 : 关 于 writing to a file 用 Perl for CGItangerine网站用的html,把参数加在url,这样能避免xss吗?
弱问perl写网页buffer问题用haskell写网站是否不容易被攻击
how to avoid security holes for perl CGI code using checkbo (转载)node.js session的问题
相关话题的讨论汇总
话题: cgi话题: perl话题: web话题: your
进入Programming版参与讨论
1 (共1页)
w*s
发帖数: 7227
1
Yes, while i'm working on node.js, i still love perl, :)
The old web product is based on old perl CGI, i'm looking to the simplest
way to fix XSS/Sql injection/etc. web security holes.
So for Catalyst Dancer Mason Maypole Mojolicious
which one should i use in the ARM platform ? Thank you !
c*********e
发帖数: 16335
2
XSS/csrf/Sql injection是因为用户数据里有tags, ' "之类的东西。和语言无关。
我最近做了一网站,为了防止sql injection,csrf,xss,用到了很多种方法。escape
' "据说不能防止所有的sql injection,但是我一直想知道一个例子。

【在 w*s 的大作中提到】
: Yes, while i'm working on node.js, i still love perl, :)
: The old web product is based on old perl CGI, i'm looking to the simplest
: way to fix XSS/Sql injection/etc. web security holes.
: So for Catalyst Dancer Mason Maypole Mojolicious
: which one should i use in the ARM platform ? Thank you !

w*s
发帖数: 7227
3
from others
You have fallen foul of the primarily opinion-based off-topic categorisation
, and your question will probably be closed very soon. However I think it's
worth offering a few guidelines here
First of all you should absorb what is written in CGI::Alternatives as it is
a reasonable summary of the subject
Next you should separate the HTML generation functionality of your existing
CGI code from the interface itself, and consider replacements for each of
them separately. If you were to use HTML::Tiny together with CGI::Simple
then your code would have to change very little and you would have achieved
better partitioning of functionality
Ideally you will move on to one of the many templating systems such as
Template Toolkit, together with one of the frameworks, which is the topic of
your question. In the end you will need to do a lot of research and many
trials to discover how well each framework fits your requirement, in terms
of both the feature list and the convenience and clarity of the API
All I can do here is suggest that the Mojolicious suite may be a good
starting point. The API focuses on command chaining in a way similar to Ruby
, and there is a Mojolicious::Plugin::CGI accessory which will allow you to
execute CGI scripts unchanged during your migration
Note however that all of the frameworks that you mention, as well as several
others, will have their proponents. That is why you must make the selection
yourself, as such recommendations will be influenced primarily by
familiarity, and without your own knowledge of the requirements of your
project
Unfortunately I cannot speak to the security issues of the various options,
but I hope that has helped a little

【在 c*********e 的大作中提到】
: XSS/csrf/Sql injection是因为用户数据里有tags, ' "之类的东西。和语言无关。
: 我最近做了一网站,为了防止sql injection,csrf,xss,用到了很多种方法。escape
: ' "据说不能防止所有的sql injection,但是我一直想知道一个例子。

d****n
发帖数: 1637
4
用过Mojolicious, 在perl里就那呢几个web framework。也没啥选的。
用来写rest api 就一个字,累。
每个model都要写一边。再来个ACL就彻底停工了。比起ROR/sailsjs这东西真是不
efficient

categorisation
s
is
existing
achieved

【在 w*s 的大作中提到】
: from others
: You have fallen foul of the primarily opinion-based off-topic categorisation
: , and your question will probably be closed very soon. However I think it's
: worth offering a few guidelines here
: First of all you should absorb what is written in CGI::Alternatives as it is
: a reasonable summary of the subject
: Next you should separate the HTML generation functionality of your existing
: CGI code from the interface itself, and consider replacements for each of
: them separately. If you were to use HTML::Tiny together with CGI::Simple
: then your code would have to change very little and you would have achieved

w***g
发帖数: 5958
5
Dancer2,很好用。

【在 w*s 的大作中提到】
: Yes, while i'm working on node.js, i still love perl, :)
: The old web product is based on old perl CGI, i'm looking to the simplest
: way to fix XSS/Sql injection/etc. web security holes.
: So for Catalyst Dancer Mason Maypole Mojolicious
: which one should i use in the ARM platform ? Thank you !

w*s
发帖数: 7227
6
旧的perl cgi code可以很容易move过来吗?

【在 w***g 的大作中提到】
: Dancer2,很好用。
1 (共1页)
进入Programming版参与讨论
相关主题
node.js session的问题请 教 : 关 于 writing to a file 用 Perl for CGI
TeacherWei刚才收集点你的小数据再 次 请 教 : 关 于 writing to a file 用 Perl for CGI
大家怎么看ruby on rails?弱问perl写网页buffer问题
ruby on rails 和 phphow to avoid security holes for perl CGI code using checkbo (转载)
面试碰到J2EE系统安全性的问题应该怎么回答?c写CGI
perl non web frameworkjava annotation怎么debug?
[转载] 在CGI程序中有何好方法返回HTMLVertx dependency injection 问题
关于c++调用DOS 命令的问题,谢谢借东风问一下:用JS可以cross domain接受SSL certificate吗?
相关话题的讨论汇总
话题: cgi话题: perl话题: web话题: your